Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/fUJRPhKPjGZT6Bge50FX4YD3RxM.roa
File: fUJRPhKPjGZT6Bge50FX4YD3RxM.roa (raw, json)
Hash identifier: PI2CLWDNBPbHqcbRVeiLI8M6EN3Wkc8W82ysl/mn8xg=
Subject key identifier: 7D:42:51:3E:12:8F:8C:66:53:E8:18:1E:E7:41:57:E1:80:F7:47:13
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E3B5F9B0F08F1795E6196B4C894990A98
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/fUJRPhKPjGZT6Bge50FX4YD3RxM.roa
Signing time: Thu 14 Mar 2024 05:11:45 +0000
ROA not before: Thu 14 Mar 2024 05:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:3b:5f:9b:0f:08:f1:79:5e:61:96:b4:c8:94:99:0a:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 14 05:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d42513e128f8c6653e8181ee74157e180f74713
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:76:48:93:81:09:61:3c:a4:92:23:65:15:d3:
7b:d0:5b:91:c2:8a:05:7c:53:ca:9f:13:99:85:01:
29:58:94:63:b0:07:2f:b2:4b:a9:76:f7:07:e6:75:
13:44:8c:73:7c:9d:ef:ea:f1:93:f1:0c:46:d9:7d:
93:77:3e:5c:97:c5:2f:97:e5:de:20:36:ae:fa:a4:
80:4c:46:ed:96:75:a8:28:f1:d4:c1:31:49:e8:8d:
0a:17:a4:ff:3b:30:f6:44:df:12:b9:1f:d8:e5:c3:
30:c8:1a:95:fd:22:3b:68:6a:e0:d2:4c:62:c0:21:
0c:fe:93:a1:20:24:01:a4:0c:17:19:fa:cf:e4:7c:
44:b3:1e:32:ec:89:c1:7e:cd:a5:68:21:3b:47:df:
7b:4e:35:c3:c8:05:d8:b3:03:95:ca:4b:c2:bd:17:
87:40:8b:68:1a:12:0b:0d:44:32:b6:13:e0:0d:88:
66:92:76:44:be:65:39:08:90:53:ef:90:cb:d4:97:
c8:df:9b:8c:86:fd:a3:a4:7b:70:81:16:17:e9:5c:
4d:e0:38:a8:c4:7b:2c:0d:a8:43:5b:b9:bc:3f:32:
39:a4:87:16:f2:36:1c:fd:db:61:32:c9:df:f5:54:
23:0b:01:1b:d4:ca:44:7f:48:12:e9:e1:40:dc:b5:
58:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:42:51:3E:12:8F:8C:66:53:E8:18:1E:E7:41:57:E1:80:F7:47:13
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/fUJRPhKPjGZT6Bge50FX4YD3RxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
44:39:d9:2a:e0:1b:07:70:b6:66:d8:43:7e:9f:46:ff:e8:01:
00:93:d8:0e:ef:d2:6f:41:dc:88:11:99:9f:68:f7:1f:e9:2d:
23:db:63:a5:e3:f5:fc:75:b3:4f:19:a2:31:8d:d0:92:3d:d4:
b5:76:c7:06:7a:a1:3f:9a:f3:b3:d0:a0:bc:da:bf:c6:d1:a5:
e6:ff:26:fc:42:69:50:e5:36:d5:ed:e3:fe:ec:5f:2b:81:1a:
c4:b9:4f:67:cc:5f:4e:3f:fa:83:43:a1:f8:3d:a9:68:1b:18:
34:f7:bc:72:33:3d:96:87:4a:22:1b:13:6a:01:c6:27:f3:fa:
c8:18:3a:fa:16:f3:aa:b6:f7:bf:ad:05:61:57:7d:8b:6c:c2:
d8:0f:ab:b7:a1:0a:55:3f:d5:b6:eb:04:49:4c:86:f0:d1:17:
3a:31:79:bb:19:2c:4f:c4:a2:7d:1d:33:28:fe:38:31:24:bc:
c1:64:ce:58:a1:9d:4e:62:5f:01:be:fe:b4:16:5b:7f:fd:d3:
93:b9:9d:8f:6c:59:30:dc:7a:28:7d:f5:25:82:4c:71:84:bd:
d1:b5:52:ba:ad:e0:57:64:90:71:91:56:91:f0:e1:9b:bf:7f:
4f:d5:0b:49:26:bd:36:6e:12:fd:62:e7:3d:8f:0f:35:5e:c5:
ce:f6:7d:5a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY47X5sPCPF5XmGWtMiUmQqYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzE0MDUxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDQyNTEzZTEyOGY4YzY2NTNlODE4MWVlNzQxNTdlMTgwZjc0NzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHZIk4EJYTykkiNlFdN70FuRwooF
fFPKnxOZhQEpWJRjsAcvskupdvcH5nUTRIxzfJ3v6vGT8QxG2X2Tdz5cl8Uvl+Xe
IDau+qSATEbtlnWoKPHUwTFJ6I0KF6T/OzD2RN8SuR/Y5cMwyBqV/SI7aGrg0kxi
wCEM/pOhICQBpAwXGfrP5HxEsx4y7InBfs2laCE7R997TjXDyAXYswOVykvCvReH
QItoGhILDUQythPgDYhmknZEvmU5CJBT75DL1JfI35uMhv2jpHtwgRYX6VxN4Dio
xHssDahDW7m8PzI5pIcW8jYc/dthMsnf9VQjCwEb1MpEf0gS6eFA3LVYKwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH1CUT4Sj4xmU+gYHudBV+GA90cTMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvZlVKUlBoS1BqR1pUNkJnZTUwRlg0WUQzUnhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEQ52SrgGwdwtmbYQ36f
Rv/oAQCT2A7v0m9B3IgRmZ9o9x/pLSPbY6Xj9fx1s08ZojGN0JI91LV2xwZ6oT+a
87PQoLzav8bRpeb/JvxCaVDlNtXt4/7sXyuBGsS5T2fMX04/+oNDofg9qWgbGDT3
vHIzPZaHSiIbE2oBxifz+sgYOvoW86q297+tBWFXfYtswtgPq7ehClU/1bbrBElM
hvDRFzoxebsZLE/Eon0dMyj+ODEkvMFkzlihnU5iXwG+/rQWW3/905O5nY9sWTDc
eih99SWCTHGEvdG1Urqt4FdkkHGRVpHw4Zu/f0/VC0kmvTZuEv1i5z2PDzVexc72
fVo=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:40 2025 by rpki-client